/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package ContentManagers.Servlets;

import ContentManagers.RoleManagers.CustomerSessionManager;
import ContentManagers.RoleManagers.ReviewManager;
import ContentManagers.Security.Validator;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author Martin San Diego
 */
@WebServlet(name = "ServletAddReview", urlPatterns = {"/ServletAddReview"})
public class ServletAddReview extends HttpServlet {

    
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        try {
                HttpSession session = request.getSession();
                boolean checker = false;

                String username = session.getAttribute("username").toString();
                checker = new CustomerSessionManager().checkSession(username, request.getRemoteAddr().toString(), session.getAttribute("sessionID").toString());
                
                if(checker == false) //check first if user is logged in or registered
                {
                    session.setAttribute("errorMessage", "Please register first before having any transactions. Thank You.");
                    response.sendRedirect("index_new_user.jsp");
                    //redirect to registration page if not logged in or registered
                }
                
                else
                {
                    
                    //request.getParameter("product_id");
                    checker = new ReviewManager().addReview(Validator.inputSanitizer(username), 
                                                Validator.inputSanitizer(request.getParameter("product_id")),
                                                Validator.inputSanitizer(request.getParameter("comment")));
                    
                    response.sendRedirect("viewItem.jsp?productID=" + request.getParameter("product_id"));
                    
                    
                            
                }
            
            
            
        } finally {            
            out.close();
        }
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /**
     * Handles the HTTP
     * <code>GET</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Handles the HTTP
     * <code>POST</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Returns a short description of the servlet.
     *
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}
